From a68c7de8ca9d38fbdf0801252a4185c8fd94cea6 Mon Sep 17 00:00:00 2001
From: sa282w <sa282w@att.com>
Date: Fri, 15 Jun 2018 12:45:37 -0400
Subject: Music health check apis

Issue-ID: PORTAL-291, PORTAL-307

Included the music changes, other changes from 2.3 branch to be
included in master, added JUnits to the new classes and updated the
document with the API version
changes.

Change-Id: I7b4c54be49317264afbdcb8d8ae3f20395bf0e1f
Signed-off-by: sa282w <sa282w@att.com>
---
 .../java/org/onap/portalapp/config/ExternalSecurityConfig.java     | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config')

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
index 5354fa39..9f125b75 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
@@ -41,11 +41,13 @@ import java.util.regex.Pattern;
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.onap.portalapp.music.util.MusicUtil;
 import org.onap.portalapp.portal.utils.MusicCookieCsrfTokenRepository;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.security.web.util.matcher.RegexRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
 
@@ -67,6 +69,9 @@ public class ExternalSecurityConfig extends WebSecurityConfigurerAdapter {
 				return false;
 			}
 		};
-		http.csrf().csrfTokenRepository(MusicCookieCsrfTokenRepository.withHttpOnlyFalse()).requireCsrfProtectionMatcher(csrfRequestMatcher);
+		if(MusicUtil.isMusicEnable())
+			http.csrf().csrfTokenRepository(MusicCookieCsrfTokenRepository.withHttpOnlyFalse()).requireCsrfProtectionMatcher(csrfRequestMatcher);
+		else
+			http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).requireCsrfProtectionMatcher(csrfRequestMatcher);
 	}
 }
-- 
cgit 1.2.3-korg